From b2f362e6f1cd1acaa9d3d5443ead50440ff468f2 Mon Sep 17 00:00:00 2001
From: Matt Clay <matt@mystile.com>
Date: Tue, 14 Feb 2023 10:42:02 -0800
Subject: [stable-2.14] ansible-test - Support Podman 4.4.0+ (cherry picked
 from commit 67d49734f732f543c0b8d7713466c0aa3b8f484f)

Co-authored-by: Matt Clay <matt@mystile.com>
---
 test/lib/ansible_test/_internal/host_profiles.py | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'test')

diff --git a/test/lib/ansible_test/_internal/host_profiles.py b/test/lib/ansible_test/_internal/host_profiles.py
index ffff6f6a50..0abc99610c 100644
--- a/test/lib/ansible_test/_internal/host_profiles.py
+++ b/test/lib/ansible_test/_internal/host_profiles.py
@@ -506,6 +506,13 @@ class DockerProfile(ControllerHostProfile[DockerConfig], SshTargetHostProfile[Do
 
         cgroup_version = get_docker_info(self.args).cgroup_version
 
+        # Podman 4.4.0 updated containers/common to 0.51.0, which removed the SYS_CHROOT capability from the default list.
+        # This capability is needed by services such as sshd, so is unconditionally added here.
+        # See: https://github.com/containers/podman/releases/tag/v4.4.0
+        # See: https://github.com/containers/common/releases/tag/v0.51.0
+        # See: https://github.com/containers/common/pull/1240
+        options.extend(('--cap-add', 'SYS_CHROOT'))
+
         # Without AUDIT_WRITE the following errors may appear in the system logs of a container after attempting to log in using SSH:
         #
         #   fatal: linux_audit_write_entry failed: Operation not permitted
-- 
cgit v1.2.1